It is possible that you have applications installed prior to enabling the Java Authorization Contract for Containers (JACC)-based authorization. You can start with default authorization and then move to an external provider-based authorization using JACC later.
The tool uses the SecurityAdmin MBean to propagate the policy information in the deployment descriptor of any installed application to the JACC provider. You can invoke this tool using wsadmin at the base application server for base and deployment manager level for WebSphere® Application Server, Network Deployment. Note that the SecurityAdmin MBean is available only when the server is running.
Use propagatePolicyToJACCProvider{-appNames appNames} to propagate the policy information in the deployment descriptor or annotations of the enterprise archive (EAR) files to the JACC provider. If the RoleConfigurationFactory and the RoleConfiguration interfaces are implemented by the JACC provider, the authorization table information in the binding file of the EAR files is also propagated to the provider. See the Interfaces that support JACC article for more information about these interfaces.
The appNames String contains the list of application names, delimited by a colon (:), whose policy information must be stored in the provider. If appNames is not present, the policy information of all the deployed applications is propagated to the provider.
In this information ...Related concepts
Related tasks
| IBM Redbooks, demos, education, and more(Index) |